Omail: >> Omail Webmail Security Vulnerabilities
The patch to the checklogin function in omail.pl for omail webmail 0.98.5 is incomplete, which allows remote attackers to execute arbitrary commands via shell metacharacters such as "`" (backticks) in the password.
CVSS Score
10.0
EPSS Score
0.019
Published
2004-05-04
The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.
CVSS Score
10.0
EPSS Score
0.04
Published
2003-08-19